Vulnerabilities > Mozilla > Firefox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-09 | CVE-2020-12422 | Out-of-bounds Write vulnerability in multiple products In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. | 8.8 |
| 2020-07-09 | CVE-2020-12420 | Use After Free vulnerability in multiple products When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. | 8.8 |
| 2020-07-09 | CVE-2020-12419 | Use After Free vulnerability in multiple products When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. | 8.8 |
| 2020-07-09 | CVE-2020-12417 | Incorrect Conversion between Numeric Types vulnerability in multiple products Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. | 8.8 |
| 2020-07-09 | CVE-2020-12416 | Use After Free vulnerability in multiple products A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. | 8.8 |
| 2020-07-09 | CVE-2020-12411 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 76. | 8.8 |
| 2020-07-09 | CVE-2020-12410 | Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. | 8.8 |
| 2020-07-09 | CVE-2020-12409 | Unspecified vulnerability in Mozilla Firefox When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. | 8.8 |
| 2020-07-09 | CVE-2020-12406 | Insufficient Verification of Data Authenticity vulnerability in multiple products Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. | 8.8 |
| 2020-07-09 | CVE-2018-12371 | Integer Overflow or Wraparound vulnerability in Mozilla Firefox An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. | 8.8 |